![BK
TP.HCM
Birthday attack (1/6)
exploits the mathematics behind the birthday problem in
probability theory.
What is the minimum value of k such that the probability
is greater than 0.5 that at least two people in a group of
k people have the same birthday?
P(n, k) = Pr[at least one duplicate in k items, with each
item able to take on one of n equally likely values
between 1 and n]
we are looking for the smallest value of k such that
P(365, k) 0.5](https://image.slidesharecdn.com/networksecurityattacks-160504174432/85/Network-security-attacks-7-320.jpg)
Network security attacks
- 1. BK TP.HCM Outline Cryptographic Attacks ▫ Frequency analysis ▫ Brute force attack ▫ Meet-in-the-middle attack ▫ Birthday attack Network Attacks ▫ Replay attack ▫ Man-in-the-middle attack ▫ Denial-of-service attack
- 2. BK TP.HCM Frequency analysis Frequency analysis is the study of the frequency of letters or groups of letters in a ciphertext. The method is used as an aid to breaking classical ciphers.
- 3. BK TP.HCM Brute force attack brute force attack is a strategy used to break the encryption of data. It involves traversing the search space of possible keys until the correct key is found. The amount of time required to break a 128-bit key is also daunting. Each of the 2128 possibilities must be checked. A device that could check a billion billion keys (1018 ) per second would still require about 1013 years to exhaust the key space. This is a thousand times longer than the age of the universe, which is about 13,000,000,000 (1.3×1010 ) years.
- 4. BK TP.HCM Meet-in-the-middle attack (1/3) for small x, we have (1 x) ex .for small x, we have (1 x) ex . for small x, we have (1 x) ex . The attack works by encrypting from one end and decrypting from the other end, thus meeting in the middle. Assume the attacker knows a set of plaintext and ciphertext: P and C. That is:
- 5. BK TP.HCM Meet-in-the-middle attack (2/3) for small x, we have (1 x) ex .for small x, we have (1 x) ex . for small x, we have (1 x) ex . The attacker can then compute EK(P) for all possible keys K and store the results in memory. Afterwards he can decrypt the ciphertext by computing DK(C) for each K. Any matches between these two resulting sets are likely to reveal the correct keys. (To speed up the comparison, the EK(P) set is stored in an in-memory lookup table, then each DK(C) can be matched against the values in the lookup table to find the candidate keys.)
- 6. BK TP.HCM Meet-in-the-middle attack (3/3) for small x, we have (1 x) ex .for small x, we have (1 x) ex . for small x, we have (1 x) ex . Once the matches are discovered, they can be verified with a second test-set of plaintext and ciphertext. If the keysize is n, this attack uses only 2n + 1 encryptions (and O(2n ) space) in contrast to the naive attack, which needs 22n encryptions (but only O(1) space).
- 7. BK TP.HCM Birthday attack (1/6) exploits the mathematics behind the birthday problem in probability theory. What is the minimum value of k such that the probability is greater than 0.5 that at least two people in a group of k people have the same birthday? P(n, k) = Pr[at least one duplicate in k items, with each item able to take on one of n equally likely values between 1 and n] we are looking for the smallest value of k such that P(365, k) 0.5
- 8. BK TP.HCM Birthday attack (2/6) the probability that there are no duplicates, which we designate as Q(365, k) the number of different ways is:
- 9. BK TP.HCM Birthday attack (3/6) P(365, 23) = 0.5073. For k = 100, the probability of at least one duplicate is 0.9999997.
- 10. BK TP.HCM Birthday attack (4/6) for small x, we have (1 - x) ≅ ex .
- 12. BK TP.HCM Birthday attack (6/6) What value of k is required such that P(n, k) 0.5? To satisfy the requirement, we have: For large k, we can replace k x (k -1) by k2 , and we get As a reality check, for n = 365, we get which is very close to the correct answer of 23.
- 13. BK TP.HCM Replay attack (1/2) Use a simple method of exploiting a captured packet or packets, and resend that traffic to cause unexpected results. Suppose Alice wants to prove her identity to Bob. Bob requests her password as proof of identity, which Alice dutifully provides (possibly after some transformation like a hash function); meanwhile, Mallory is eavesdropping the conversation and keeps the password. After the interchange is over, Mallory connects to Bob posing as Alice; when asked for a proof of identity, Mallory sends Alice's password read from the last session, which Bob accepts.
- 14. BK TP.HCM Replay attack (2/2) A way to avoid replay attacks is using session tokens, session tokens should be chosen by a (pseudo-) random process. Timestamping is another way of preventing a replay attack. The advantage of this scheme is that does not need to generate (pseudo-) random numbers.
- 15. BK TP.HCM Man-in-the-middle attack The man-in-the middle attack intercepts a communication between two systems Once the TCP connection is intercepted, the attacker acts as a proxy, being able to read, insert and modify the data in the intercepted communication. Various defenses against MITM attacks use authentication technique that are based on PKI (Public Key Infrastructure)
- 16. BK TP.HCM Denial-of-service attack DoS attack or DDoS is an attempt to make a computer resource unavailable to its intended users. Methods of attack ▫ ICMP flood ▫ Teardrop Attacks ▫ Peer-to-peer attacks ▫ …